Post by Nomen NescioMailing list traffic and Nym Retrieval all abruptly stopped June 19.A glance at daily AAM traffic volume before and after June 19 tellsthe story.This is reminiscent of THE GREAT A.A.M. OUTAGE OF 2014, which resolvedafter Zax fixed a X-Original-To header problem November 9, 2014. Seethread in apas around that time.What is it this time?

I agree.

I sent multiple Nym messages today, many hours ago, and neverreceiveda delivery confirmation for any of them.

Post by Nomen NescioMailing list traffic and Nym Retrieval all abruptly stopped June 19.A glance at daily AAM traffic volume before and after June 19 tellsthe story.This is reminiscent of THE GREAT A.A.M. OUTAGE OF 2014, which resolvedafter Zax fixed a X-Original-To header problem November 9, 2014. Seethread in apas around that time.What is it this time?

I agree.I sent multiple Nym messages today, many hours ago, and neverreceiveda delivery confirmation for any of them.Something's wrong.

Yes, I think something is wrong too. Something in the upgrade toSqueeze has likely broken it. The most likely suspect is the upgrade togpg v2. I've reverted this back to gnupg-1.4.21 and will see if thenymserver is happier. Unfortunately, it's logging nothing and syntaxchecks reveal no issues. It might take a while to track down the issue.

Post by Nomen NescioMailing list traffic and Nym Retrieval all abruptly stopped June 19.A glance at daily AAM traffic volume before and after June 19 tellsthe story.This is reminiscent of THE GREAT A.A.M. OUTAGE OF 2014, which resolvedafter Zax fixed a X-Original-To header problem November 9, 2014. Seethread in apas around that time.What is it this time?

After some investigation, it looks like the Nymserver script is notcompatible with gnupg v2.1x. I doubt this is going to be resolved withoutrecreating a lot of Nyms and probably the nymserver's key. The scriptitself would also require some rework as the options on each gpg actionare incompatible.

I've modified the gnupg::interface perl package to use gpg-1.4.1 and I'mseeing some activity from the nymserver. Can someone with an activeType-I nym confirm if it's working?

Post by ZaxAfter some investigation, it looks like the Nymserver script is notcompatible with gnupg v2.1x. I doubt this is going to be resolved withoutrecreating a lot of Nyms and probably the nymserver's key. The scriptitself would also require some rework as the options on each gpg actionare incompatible.I've modified the gnupg::interface perl package to use gpg-1.4.1 and I'mseeing some activity from the nymserver. Can someone with an activeType-I nym confirm if it's working?

Post by ZaxAfter some investigation, it looks like the Nymserver script is notcompatible with gnupg v2.1x. I doubt this is going to be resolved withoutrecreating a lot of Nyms and probably the nymserver's key. The scriptitself would also require some rework as the options on each gpg actionare incompatible.I've modified the gnupg::interface perl package to use gpg-1.4.1 and I'mseeing some activity from the nymserver. Can someone with an activeType-I nym confirm if it's working?

Yes, 2.1 is greatly improved in many ways but is unlikely to ever becompatible with our aging Nymserver script. The last updates to it weredone in 2004! Part of the problem is that PGP evolves and removesciphers and hashes that are no longer considered secure. Unfortunatelythe script uses some of those, like MD5.

I'm tempted to write a new Nymserver using NaCl keys instead of PGP.It always nags me though that while I can reproduce the currentfunctionality, I don't have the skills to deliver a Sphinx-likesolution. If only someone with better crypto skills would produce aSphinx library!

For now, I'll leave things as the are and let the old script soldier on.It might not be perfect or even close to perfect but it's probably asgood, if not better, than any other tool at our disposal.

With GnuPG 1.4 we have RSA-4096, AES-256, SHA-512, which should besecure for years to come. And, different from 2.1, it's stable, fast,small and easy to embed.

Post by Zaxbut is unlikely to ever becompatible with our aging Nymserver script. The last updates to it weredone in 2004! Part of the problem is that PGP evolves and removesciphers and hashes that are no longer considered secure. Unfortunatelythe script uses some of those, like MD5.

But do they need them?

Post by ZaxI'm tempted to write a new Nymserver using NaCl keys instead of PGP.

Compatible with what?

Post by ZaxIt always nags me though that while I can reproduce the currentfunctionality, I don't have the skills to deliver a Sphinx-likesolution. If only someone with better crypto skills would produce aSphinx library!

What's wrong with what we have now?

Post by ZaxFor now, I'll leave things as the are and let the old script soldier on.It might not be perfect or even close to perfect but it's probably asgood, if not better, than any other tool at our disposal.

Post by ZaxIt always nags me though that while I can reproduce the currentfunctionality, I don't have the skills to deliver a Sphinx-likesolution. If only someone with better crypto skills would produce aSphinx library!

What's wrong with what we have now?

Reply capability now exists only for type 1 and the securityof sphinx (against tagging attacks) is better than both currenttypes 1 and 2.

Post by ZaxIt always nags me though that while I can reproduce the currentfunctionality, I don't have the skills to deliver a Sphinx-likesolution. If only someone with better crypto skills would produce aSphinx library!

What's wrong with what we have now?

Reply capability now exists only for type 1 and the securityof sphinx (against tagging attacks) is better than both currenttypes 1 and 2.

Post by ZaxIt always nags me though that while I can reproduce the currentfunctionality, I don't have the skills to deliver a Sphinx-likesolution. If only someone with better crypto skills would produce aSphinx library!

What's wrong with what we have now?

Reply capability now exists only for type 1 and the securityof sphinx (against tagging attacks) is better than both currenttypes 1 and 2.

You create a Single Use Reply Block and include it with the outboundmessage. The recipient can then use the SURB to reply. The destinationwithin the SURB could be an email, a mail2news, or directives to analtogether new protocol.

Post by Nomen NescioMailing list traffic and Nym Retrieval all abruptly stopped June 19.A glance at daily AAM traffic volume before and after June 19 tellsthe story.This is reminiscent of THE GREAT A.A.M. OUTAGE OF 2014, which resolvedafter Zax fixed a X-Original-To header problem November 9, 2014. Seethread in apas around that time.What is it this time?

After some investigation, it looks like the Nymserver script is notcompatible with gnupg v2.1x. I doubt this is going to be resolved withoutrecreating a lot of Nyms and probably the nymserver's key. The scriptitself would also require some rework as the options on each gpg actionare incompatible.I've modified the gnupg::interface perl package to use gpg-1.4.1 and I'mseeing some activity from the nymserver. Can someone with an activeType-I nym confirm if it's working?

Zax, you must be tearing your hair out with this one.

Thank you for all you do.

Currently testing:

AAM downloaded more messages today than in the past few days.Assume traffic is increased. Looks like a good sign.

Post by ZaxAfter some investigation, it looks like the Nymserver script is notcompatible with gnupg v2.1x. I doubt this is going to be resolved withoutrecreating a lot of Nyms and probably the nymserver's key. The scriptitself would also require some rework as the options on each gpg actionare incompatible.I've modified the gnupg::interface perl package to use gpg-1.4.1 and I'mseeing some activity from the nymserver. Can someone with an activeType-I nym confirm if it's working?

The platypus software uses the local gpg programwhich does have md5 where I run it.

***@notatla:~/lib> gpg --versiongpg (GnuPG) 2.0.24libgcrypt 1.6.1Copyright (C) 2013 Free Software Foundation, Inc.License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>This is free software: you are free to change and redistribute it.There is NO WARRANTY, to the extent permitted by law.

gpg (GnuPG) 2.1.18libgcrypt 1.7.6-betaCopyright (C) 2017 Free Software Foundation, Inc.License GPLv3+: GNU GPL version 3 or later<https://gnu.org/licenses/gpl.html>This is free software: you are free to change and redistribute it.There is NO WARRANTY, to the extent permitted by law.